Cybersecurity

August 1, 2021
By Jeremy Miller and Dawn Yankeelov
Workforce development must include education and training for cyber readiness.  Envato/mstandret

The small business sector must seize the day and immediately begin taking the steps necessary to implement tools for cyber resilience and cyber readiness. Scaling cybersecurity services, education and training are crucial to national security.

Regarding the cyber warfare landscape for 2021, the most critical group to secure is the small and midsize business sector (SMBs), particularly following the pandemic. When working with tech-specific organizations and the military, process management and a sense of purpose can overcome inertia and apathy until a financial loss appears.

July 22, 2021
By Kimberly Underwood
U.S. Air Force airmen at Andersen Air Force Base, Guam, work to refuel an F-35A Lighting II aircraft assigned to Eielson Air Force Base, Alaska during the Cope North exercise in February. The airmen were conducting agile combat employment, or ACE, training during the exercise. The service’s ACE operations, which aim to bring more agility, resiliency and deterrence in a near-peer competitive environment, will be supported by its zero-trust architecture platforms. Credit: Pacific Air Forces/Senior Airmen Jona

Led by the Air Combat Command, the U.S. Air Force is pursuing zero-trust architecture on a level not seen before. One of the service’s first main use cases applies the cybersecurity measure to the agile combat employment (ACE). ACE operations provide a more lean, agile and lethal force that can generate airpower from multiple locations. ACE requires a different kind of command and control (C2) environment, as well as advanced planning concepts and logistical supply line support.

June 22, 2021
By Kimberly Underwood

Following the success of some initial, smaller-scale efforts, the U.S. Air Force is pursuing zero trust architecture on a level not seen before. The service’s Air Combat Command is leading the charge into many more initiatives with a comprehensive view to employ zero trust architecture across its bases, weapon systems and missions.

July 1, 2021
By Lt. Col. Ryan Kenny, USA
Defending digital ecosystems from information pollution data operators should be a mission the U.S. national security apparatus conducts.  Shutterstock/ NDE12019

3rd Place in The Cyber Edge 2021 Writing Contest

A military-age male left home and traveled through the city, unaware he was being surveilled. Those watching him knew his patterns and preferences. They collected his point of departure, route and destination to predict when he would be most vulnerable for attack. Arriving at a marketplace, he meandered through a few high-traffic areas. Passing down a quiet corridor, he finally provided a clear shot. His smartphone buzzed and its screen flashed: “Two-for-one sale at the nearby pretzel shop!” He was struck by a precision-guided advertisement.

June 14, 2021
 
Credit: ZinetroN/Shutterstock

A delayed focus on IT modernization could create a gap between frequent high-impact cyber breaches and the U.S. Department of the Navy’s preparedness to address them. From the SolarWinds hack to ransomware, new cyber threats emerge almost weekly. Advances in technology to help defend against such threats occur so quickly that current acquisition and infrastructure programs cannot keep pace.

June 9, 2021
 

Bowhead Cybersecurity Solutions and Services, Springfield, Virginia is awarded a $92,308,000 cost-plus fixed-fee and cost-only contract for senior consultation support services. Work will be performed in the Washington, D.C. area and is expected to be completed by June 2026. Fiscal 2021 operation and maintenance (Navy) funding in the amount of $2,500,000 will be obligated at the time of award. There are no options for this contract award. This funding would have expired at the end of the current fiscal year if this award had not been made. This contract was a directed in accordance with Section 8(a) of the Small Business Act (15 USC 637(a)(1)) and the Federal Acquisition Regulation part 19.8.

June 1, 2021
By Mark Spangler
 Cyber program managers must review their plans to respond to today’s evolving threat environment.  Shutterstock

Cybersecurity program managers are facing the dilemma of appropriately balancing compliance with threat tracking and mitigation. Today, amidst the ever-growing problem of data breaches, organizations are investing in protection. But simply complying with security and privacy standards seldom means systems and data are automatically secure.

May 24, 2021
 
Cyber adversaries are creating a “wild west” environment in cyberspace where organizations must be aware of their security to protect themselves, said Gene Yoo, CEO of Resecurity Inc. Credit: Shutterstock

Recent cyber attacks against critical infrastructure such as the attack on Colonial Pipeline Co. has put cybersecurity in the spotlight.

But combating cyber adversaries is a broad area requiring significant amounts of human intelligence and a deep technical expertise to identify them, Gene Yoo, CEO of Resecurity Inc., told SIGNAL Magazine Editor-in-Chief Robert K. Ackerman during a SIGNAL Media Executive Video interview.

Adversaries come in different types, he added, noting that these range from part-time hacktivists to skilled professionals working for criminal organizations or state intelligence agencies.

May 19, 2021
By Robert K. Ackerman
 Credit: metamorworks/Shutterstock

Cyber education and training should begin not in college, not in secondary school, not in middle school, not in elementary school, but at home as soon as children are able to view or use social media, say some experts. This training is important not just to lay the groundwork for future cybersecurity professionals in a field starved for expertise, but also to instill good cyber hygiene habits that can be passed on to other family members.

May 13, 2021
By Kimberly Underwood
The new cybersecurity executive order from the White House calls for the federal government’s increased use of multifactor authentication, encryption, endpoint detection response, breach logging, zero-trust architecture and cloud computing, according to a senior administration official. Credit: Shutterstock/Andrea Izzotti

In an effort to increase critical infrastructure cybersecurity and better protect federal networks, President Joseph Biden signed an executive order on May 12. It includes provisions to improve information sharing between industry and the U.S. government, overhaul federal cybersecurity standards, spur the further use of cloud computing and zero trust architecture, and mandate the use of multifactor authentication and encryption. Amongst other measures, the executive order establishes a Cybersecurity Safety Review Board that would dissect a significant cyber incident and make recommendations for action.

May 1, 2021
By Kevin Tonkin
U.S. Marines assigned to the Defensive Cyberspace Operations–Internal Defensive Measures Company, 9th Communications Battalion, review network configurations in the current operations tent at Marine Corps Base, Camp Pendleton. The company executes defensive cyberspace operations for the Marine Corps Enterprise Network. Photo by Cpl. Cutler Brice, USMC, I Marine Expeditionary Force

The massive cyber attack on the United States via information technology vendor SolarWinds continues to send shockwaves through the departments of Defense, State and Homeland Security as well as other agencies. Damage assessments are ongoing. If the U.S. government in general and Defense Department in particular are to successfully defend against attacks by well-funded, patient and highly motivated enemies, they will need to change their approach to defending their networks and systems.

April 28, 2021
 
Getting privileged access management right involves making sure the right security tools are in place and determining that they are easy to use and can interoperate with legacy software and systems, says Ross Johnson, director of federal sales for Thycotic Software Ltd. Credit:Shutterstock

The recent wave of high-profile cyber attacks on federal government agencies and the businesses that support them has gotten organizations thinking about security. A key part of any organization’s security strategy is access management—determining who can access certain kinds of information and resources and when and/or where they can do so.

But determining where to start can often be delayed by indecision due to over-analysis and caution, explains Ross Johnson, director of federal sales for Thycotic Software Ltd. The first and most important thing an organization can do is to make the decision to take inventory of all their data assets.

April 14, 2021
 
The DOD is concerned about the cybersecurity of additive manufacturing systems, said David Benhaim, co-founder and chief technology officer for Markforged. Credit: Shutterstock

The U.S. Department of Defense is looking at additive manufacturing technologies to rapidly prototype and build equipment components and increasingly, to potentially make replacement parts in the field.

While additive manufacturing, the ability to build plastic and metal parts by depositing a fine spray of material, has been used by the aerospace and defense sectors for some time, the capability is now becoming more portable. One such project is the U.S. Marine Corps’ X-Fab effort, which uses a shipping container loaded with compact additive manufacturing equipment that can be shipped anywhere in the world to make replacement parts.

April 9, 2021
By Robert K. Ackerman
A communications tower for military 5G rises above a forest. Several challenges loom as the U.S. Defense Department strives to implement 5G into the force. Credit: M.Moira/Shutterstock

The revolutionary advantages offered by defense use of 5G technology could be undone if the United States doesn’t begin now to meet and overcome a set of challenges, said an expert from the National Security Agency (NSA). These challenges range from developing effective security measures to ensuring the supply chain is not contaminated by parts made by foreign adversaries.

April 1, 2021
By Kimberly Underwood
Lt. Col. Brian Wong, USA, chief of market research for the Army’s Network Cross Functional Team (c), assesses the waveform strength of several mobile ad hoc network radio signals during a Rapid Innovation Fund capstone event in 2019 in Yakima, Washington. Engineers at Johns Hopkins’ Applied Research Lab are looking into how to build a large scale network of intelligent radios, among other tactical communications efforts.    USA/PEO C3T Public Affairs

Software-defined networks, commercial satellite communications, cognitive electronic warfare, intelligent radios and artificial intelligence applications all potentially offer the military advanced capabilities for the tactical environment, say Johns Hopkins University Applied Physics Laboratory’s (APL’s) Julia Andrusenko, chief engineer, Tactical Wireless Systems Group, and Mark Simkins, program manager, Resilient Tactical Communications Networks. 

April 1, 2021
By Matt Toth and Richard Chitamitre
Training sessions, such as Cyber Shield 19, provide cybersecurity analysts opportunities to train, exchange best practices and test their cyber mettle. Credit: Army Staff Sgt. George B. Davis

The nature of military permanent change of station assignments can create gaps in the U.S. Defense Department’s protected posture to cyber assets. The current approach allows valuable institutional knowledge literally to walk out the door, often being replaced with inadequately prepared personnel walking in. This practice runs contrary to the Pentagon’s stated strategic goals that aim at building and maintaining a skilled workforce rather than solely acquiring new tools.

April 1, 2021
By Miroslav Nečas
The NATO Ministers of Defence meet in February to prepare for its summit later this year. Among the topics socially distanced attendees discussed were progress on burden sharing and missions in Afghanistan and Iraq. Credit: NATO

NATO is at risk of losing its technology edge because of emerging and disruptive technologies increasingly developed within the civil sector. The growth of peer competitors’ determination, especially China, and the decline of technology education in Western countries are eroding the advantage they once skillfully held.

To address this state of affairs, the organization’s defense ministers are examining a number of activities. As a part of this initiative, the NATO Industrial Advisory Group (NIAG) conducted a study to provide the industry view of the implications of emerging and disruptive technologies (EDTs) and Chinese advances in defense operations and military capability development.

March 1, 2021
By Robert K. Ackerman
Credit: DHS

The entire nation must engage in an informed debate about cybersecurity and how to stop the damage being inflicted by adversaries through cyberspace, says the director of intelligence for the U.S. Cyber Command. Brig. Gen. Matteo Martemucci, USAF, J-2 for the U.S. Cyber Command, says this debate must explore whether the roles played in cyber defense stay the way they are or change.

February 9, 2021
 

The Boeing Co., St. Louis, Missouri, was awarded a $10,579,798 modification (P00004) to contract W58RGZ19F0045 to integrate, test, upgrade and field functional hardware and software technology improvements and cybersecurity controls, to the Longbow Crew Trainer Generation Four and Generation Five fleets. Work will be performed in St. Louis, Missouri, with an estimated completion date of April 2, 2022. Fiscal year 2019 aircraft procurement (Army) funds in the amount of $10,579,798 were obligated at the time of the award. U.S. Army Contracting Command, Redstone Arsenal, Alabama, is the contracting activity.

February 11, 2021
By Robert K. Ackerman
Stacy Bostjanick (r), director of CMMC, Office of the Under Secretary of Defense (A&S), warns of CMMC certification companies that are not themselves certified in a discussion at AFCEA NOVA Intelligence Community IT Day.

Companies preparing for Cybersecurity Maturity Model Certification (CMMC) should beware of firms that are promising to get them certified, said a government official. Stacy Bostjanick, director of CMMC, Office of the Under Secretary of Defense (A&S), stated that any firms claiming to be able to do that are not capable of that function yet.

February 2, 2021
 

Cyber Systems and Services Solutions, Bellevue, Nebraska, has been awarded a $17,765,741 firm-fixed-price and cost-plus-fixed-fee modification (P0010) to contract FA8773-18-D-0002 to exercise Option Three for defensive cyber realization, integration and operational support services. Work will be performed at Joint Base San Antonio (JBSA)-Lackland, Texas, and is expected to be completed February 28, 2022.  This modification is the result of a competitive acquisition and seven offers were received. Fiscal 2021 operation and maintenance funds in the amount of $8,764,731 are being obligated at the time of award. The 38th Contracting Squadron, JBSA-Lackland, Texas, is the contracting activity.

February 2, 2021
By Robert K. Ackerman
China owes much of its economic growth to technologies purloined from the United States via cyber espionage. Credit: Sangoiri/Shutterstock

The greatest threat the United States faces is through cyber attacks on economic targets, and the worst adversary in this realm is China, according to the director of intelligence for the U.S. Cyber Command. Brig. Gen. Matteo Martemucci, USAF, J-2 for the Cyber Command, declared that China’s pilferage of intellectual property represents a major strike against the United States as part of the Middle Kingdom’s plan for global domination.

February 2, 2021
 

Booz Allen Hamilton Inc., McLean, Virginia, has been awarded a $21,744,548 cost-plus-fixed-fee modification (P00032) to contract FA8750-17-F-0105 for enterprise exploitation and information assurance. This contract modification provides for additional hours to facilitate development of electro-optical emerging data sources as part of the Assured Cyber Enterprise for the Intelligence Community Program.  Work will be performed in McLean, Virginia, and is expected to be completed September 28, 2021. Fiscal 2020 research, development, test and evaluation funds in the amount of $74,381 are being obligated at the time of award.

January 29, 2020
By Kimberly Underwood
The FBI is examining how zero trust architecture could apply to its cybersecurity measures. Credit: Shutterstock/Kristi Blokhin

The Federal Bureau of Investigation (FBI) has a unique role as a federal law enforcement agency as well as a national security department. Its vast information technology enterprise must support its functionality in carrying out these roles, which have different rules of engagement. And when adding new tools, processes or software, the bureau has to consider solutions carefully. With zero trust architecture—a method that combines user authentication, authorization and monitoring; visibility and analytics; automation and orchestration; end user device activity; applications and workload; network and other infrastructure measures; and data tenants to provide more advanced cybersecurity—gaining use in the U.S.

January 22, 2021
By Maryann Lawlor
While many cybersecurity recommendations have focused on the activities of the federal government, AFCEA Cyber Committee members recognize the role of state and local authorities in information security. Credit: Shutterstock/ESB Professional

The cybersecurity of civil government, critical infrastructure and business infrastructure remains uneven. Worrying reports of ransomware affecting city and county governments as well as local health care organizations have put leaders and administrators, and infrastructure operators on edge.

January 14, 2021
By Julianne Simpson
The future enterprise will be edge-centric, cloud enabled and data driven, says Bill Burnham, CTO, U.S. Public Sector Business Unit, Hewlett Packard Enterprise.

The future enterprise will be edge-centric, cloud enabled and data driven, said Bill Burnham, CTO, U.S. Public Sector Business Unit, Hewlett Packard Enterprise.

He shared his ideas during an AFCEA online event titled “The Edge Is Where the Action Is!”

January 6, 2021
Posted by Julianne Simpson
Credit: Shutterstock/Aleksandar Malivuk

The Defense Digital Service (DDS) and HackerOne announced the launch of the DDS’s latest bug bounty program with HackerOne. It is the eleventh such program for DDS and HackerOne and the third with the U.S. Department of the Army.

Hack the Army 3.0 is a security test— time-bound and hacker-powered—aimed at revealing vulnerabilities so they can be resolved before they are exploited by adversaries. The bug bounty program will run from January 6, 2021, through February 17, 2021, and is open to both military and civilian participants.

January 1, 2021
By Kimberly Underwood
When the GAO performs cybersecurity-related audits and reports its findings, the watchdog provides key recommendations to agencies to improve their networks and information technology from risks. The GAO also follows up to see how an agency implemented those recommendations. Credit: Illustration by Chris D’Elia based on images from GAO Reports and lurri Motov/Shutterstock

It is no secret that the U.S. government is grappling with cybersecurity issues across its organizations and agencies. The good news is that the government has an auditing agency that investigates possible weaknesses or cybersecurity gaps and makes key recommendations to rectify problems: the U.S. Government Accountability Office, known as GAO.

January 1, 2021
By M.D. Miller
When people around the world are communicating, they must use precise terms to ensure they are referring to the same topics, problems, results and solutions. Credit: Shutterstock/Rawpixel.com

Emerging technology, state actors such as Russia and China, and nonstate actors including ISIS, are often quoted as some of the greatest threats to computer and network security. But before the United States can engage with these threats effectively, the war against words must take place.

One place to start is by eliminating the word “cyber” as a descriptor. The term has been used and overused, manipulated and exploited so many times and in so many places, it has become meaningless. What individuals or organizations mean or want when they use it is impossible to say. It’s time to scrap the word altogether and instead specify technical concepts at a more granular level.

December 23, 2020
By Harvey Boulter
Shutterstock/Thitichaya Yajampa

Experts have issued fresh warnings to U.S. citizens over the enormous amount of sensitive, personal information being routinely captured and commoditized, and that this same information is being weaponized by the country’s adversaries. A panel at the recent AFCEA TechNet Cyber conference highlighted that data gathering by Facebook, WhatsApp and Google presents a significant risk to both individuals and the nation.

December 2, 2020
By Robert K. Ackerman
Credit: metamorworks/Shutterstock

Innovative ideas may hold the key to thwarting cyber adversaries emboldened by opportunities offered in the COVID-19 pandemic. And, the source of these innovative approaches may be diverse personnel who break the mold of conventional cybersecurity professionals.

December 1, 2020
By Robert K. Ackerman
Credit: Shutterstock/Niyazz

The Defense Department’s new cybersecurity maturity model certification (CMMC) coincidentally took effect on the first day of TechNet Cyber, AFCEA’s virtual event being held December 1-3. Leading officials with the Defense Department, the Defense Information Systems Agency (DISA) and industry discussed what its implementation will mean to the defense industrial base (DIB) and the community as a whole.

November 17, 2020
By Robert K. Ackerman
Credit: Shutterstock/VideoFlow

Adversaries are stepping up their efforts to exfiltrate information and weaken the U.S. supply chain through cyberspace. These efforts aim to both wreck the country from within and strengthen the hand of the adversary wielding the digital sword, according to a U.S. government official.

New government security measures are designed with these challenges in mind, and they can help secure targeted small businesses. The Cybersecurity Maturity Model Certification (CMMC), which is rolling out, is designed to help mitigate the effects of adversarial activities in cyberspace.

November 13, 2020
By Maryann Lawlor
The United States is preparing to enter a period when its infrastructure goes beyond being connected to or depending on cyberspace but instead will reside in cyberspace. Credit: Shutterstock/Gorodenkoff

U.S. data protection and its relationship to national interests are swiftly evolving. One reason this trend will continue, cybersecurity specialists say, is that other nations see cyberspace differently than the United States and other democracies. Rather than incorporating technology into their societies as a tool, they use cybersecurity—both offensively and defensively—to support their different views and overall significantly challenge U.S. interests.

October 22, 2020
By Julianne Simpson
Katie Arrington, chief information security officer for Acquisition and Sustainment, U.S. Department of Defense, says there’s no point in developing software if it’s not secure, during a webinar on securing the federal software supply chain.

Anyone moving through the ecosystem of software development and cyber over the last few decades has heard cool words to describe it: Waterfall, Cobalt, Agile, DevOps and now DevSecOps.

DevSecOps may be the latest term but the idea behind it remains constant: Security should be a priority from the start.

October 1, 2020
By Robert Hoffman
Marines with Marine Corps Forces Cyberspace Command work in the cyber operations center at Lasswell Hall, Fort Meade, Maryland. MARFORCYBER Marines conduct offensive and defensive cyber operations in support of U.S. Cyber Command and operate, secure and defend the Marine Corps Enterprise Network. Credit: Staff Sgt. Jacob Osborne, USMC

Automation software tools are being under-utilized, especially in the U.S. Defense Department. While the department has purchased and used automated scanning tools for security and compliance, it has been slow to adopt automation for many other tasks that would benefit from the capability, such as easing software deployment and standardization and, once developed, increasing the speed of overall automation.

October 1, 2020
By Kimberly Underwood
As the deadly COVID-19 virus spread around the world, so did the attacks from malicious cyber actors, taking advantage of the unsure times, say experts from leading cybersecurity firms. Credit: Shutterstock/VK Studio

While the world was facing the rapid and deadly spread of the severe acute respiratory syndrome coronavirus 2, most commonly known as COVID-19, malicious cyber attackers were also at work, increasing the number of attacks, switching methods, taking advantage of the boom in Internet, network and email users, and playing on fears during the uncertain time, cybersecurity experts say. Companies struggling to maintain operations are still leaving gaps in digital security, they warn.

October 13, 2020
By Julianne Simpson
Credit: SailPoint

Many agencies today lack a way to effectively and securely govern access across multicloud environments. Though the use of multiple cloud platforms such as AWS, Azure and Google give agencies the freedom to match the requirements of each use case to the unique strengths of each cloud platform, it also leaves businesses vulnerable to the risks and costs of noncompliance, cyber attacks and human error.

Lack of governance can also stifle productivity and growth—if users can’t get the access they need when they need it, work doesn’t get done. Managing who has access to what and with which privileges is a major challenge in the cloud due to rapid change and its large scale.

October 1, 2020
By Joseph Mitola III
Senior Airman Daniel M. Davis, USAF, 9th Communications Squadron information system security officer, looks at a computer in the cybersecurity office on Beale Air Force Base. Cybersecurity airmen must manage more than 1,100 controls to maintain the risk management framework. Credit: U.S. Air Force photo by Airman Jason W. Cochran

Users need to transition all networked computing from the commercial central processing unit addiction to pure dataflow for architecturally safe voting machines, online banking, websites, electric power grids, tactical radios and nuclear bombs. Systems engineering pure dataflow into communications and electronic systems can protect them. The solutions to this challenge are in the users’ hands but are slipping through their fingers. Instead, they should grab the opportunity to zeroize network attack surfaces.

October 1, 2020
By Dirk W. Olliges
Leslie Bryant, civilian personnel office staffing chief, demonstrates how to give fingerprints to Jayme Alexander, Airmen and Family Readiness Center casualty assistance representative selectee. Although requiring fingerprints to access information is better than single-factor identification verification, it should be part of a multifactor authentication approach. Credit: 2nd Lt. Benjamin Aronson, USAF

The two-factor authentication schema is often heralded as the silver bullet to safeguard online accounts and the way forward to relegate authentication attacks to the history books. However, news reports of a phishing attack targeting authentication data, defeating the benefits of the protection method, have weakened confidence in the approach. Furthermore, hackers have targeted account recovery systems to reset account settings, yet again mitigating its effectiveness. Facilitating additional layers of security is crucial to bolstering user account protection and privacy today and into the future.

September 25, 2020
By Maryann Lawlor
Enterprisewide Risk Management (ERM) consists of the formal identification of major risks to the organization’s mission.

Cybersecurity is now a significant area of focus and concern for senior leaders who have witnessed cyber events that have resulted in significant financial and reputational damage. However, for many organizations, data defense continues to be a technology-focused effort managed by the technical “wizards.” Board of director discussions often zero in on describing the latest cyber threats rather than taking a long-range approach.

But cybersecurity is more than a technical challenge. Enterprise risk management (ERM) is an effective tool to assess risks, including those with cyber origins, but few businesses or agencies use the technique for this purpose, cyber experts assert.

September 16, 2020
By Maryann Lawlor
Bryan Ware (top l) and Jeff Reed (bottom) discussed some of the global shifts in cybersecurity requirements. The two shared their observations during a panel moderated by Jon Check, cyber protection solutions, intelligence and space unit, Raytheon, during the Billington Cybersecurity Summit.

COVID-19 has done more than increase hand-washing and mask-wearing. It has meant an entirely new way of communicating and collaborating. Those on the front lines say some of these changes are here to stay and will last much longer than the pandemic simply because they are more efficient ways to do business.

September 9, 2020
By Shaun Waterman
A GPS III satellite circles the earth. Photo Credit: United States Government, GPS.Gov

​​On both sides of the Atlantic, NATO and European leaders are struggling to address the threat posed to vital space systems by foreign hackers, cyber warfare and online espionage. Huge swathes of the global economy are utterly dependent on orbital capabilities like GPS that look increasingly fragile as space becomes more crowded and contested.

August 1, 2020
By Robert K. Ackerman

The COVID-19 pandemic brings with it a new set of cyber vulnerabilities built around lifestyle changes throughout society, and these vulnerabilities cry out for new means of cyber resiliency. “It’s quite possible that historians will remember COVID-19 as one of the very important civilizational turning points,” says Alexander Kott, chief scientist of the Army Research Laboratory and Army ST for cyber resilience. “COVID-19 is acting as a forcing function. It forces us to accelerate the transition to a more virtual society than we were before, and it is accelerating the trend that was occurring before COVID-19 but was happening more slowly and less noticeably.”

July 21, 2020
 

Enterprise modernization of the Navy's networks and systems is finally underway. Set to impact hundreds of thousands of uniformed and civilian users, it will consolidate many outsourced network service delivery mechanisms across the entire Department of the Navy (DON). The initiative aims to transform how services are delivered, provide a dramatically improved end user experience, and enable critical innovations long needed to accelerate the DON’s mission.

July 20, 2020
Posted by Julianne Simpson
Vince Urias, Sandia National Laboratories computer scientist, will pitch cybersecurity tools to potential investors at a special Department of Energy event. Photo by Randy Montoya

Two Sandia National Laboratories computer scientists are earning national recognition for cybersecurity platforms they developed. Adrian Chavez and Vince Urias will pitch their software to investors, entrepreneurs and prospective customers during the Cybersecurity Technology Virtual Showcase, which runs July 21-30 and is sponsored by the U.S. Department of Energy.

Combined, Chavez and Urias led the creation of four of the technologies to be showcased.

July 15, 2020
By George I. Seffers
U.S. Defense Department officials intend to complete an initial zero trust architecture by year's end to improve cybersecurity, according to Vice Adm. Nancy Norton, USN, director, Defense Information Systems Agency.

The U.S. Defense Department by the end of the calendar year will release an initial zero trust architecture to improve cybersecurity across the department, says Vice Adm. Nancy Norton, USN, director, Defense Information Systems Agency, and commander, Joint Force Headquarters-Department of Defense Information Network.

Norton’s agency, commonly known as DISA, is working with the National Security Agency, the Department of Defense (DOD) chief information officer and others on what she calls an initial “reference” architecture for zero trust, which essentially ensures every person wanting to use the DOD Information Network, or DODIN, is identified and every device trying to connect is authenticated.

July 14, 2020
By George I. Seffers
Lt. Gen. Bruce Crawford, USA, the Army's soon-to-retire CIO/G-6, attends a working lunch during the Joint Warfighting Assessment on Joint Base Lewis-McChord, Wash., May 1, 2019. The CIO said during the Army’s virtual 2020 Signal Conference hosted by AFCEA that the time is right for the service to split the CIO and G-6 offices. Credit: Sgt. Torrance Saunders

The U.S. Army’s near future will include an increased focus on adopting “zero trust” cybersecurity practices, better protecting its network endpoints and consolidating its plethora of cloud computing contracts, according to Lt. Gen. Bruce Crawford, the Army’s outgoing CIO/G-6. It also will likely include tightening defense budgets.

The general indicated during a keynote address for the Army’s virtual 2020 Signal Conference, which is hosted by AFCEA, that the 2021 fiscal year “is going to be all about driving on priorities.”

July 14, 2020
By Kimberly Underwood
Put simply, zero trust architecture (ZTA) is a "standard security door, and it’s a door that we can put in front of any application on our networks,” says Col. James Lotspeich, USAF, chief technology officer, Air Combat Command (ACC), Directorate of Cyberspace and Information Dominance (A6). The ACC is pursuing two ZTA pilot programs to improve cybersecurity. Credit: Shutterstock/Gomolach

The U.S. Air Force is experimenting with a zero trust strategy to provide additional digital protections. Zero trust architecture offers a higher level of cybersecurity, through limited per-session access, continuous monitoring, endpoint security and monitoring of network conversations, explained Col. James Lotspeich, USAF, chief technology officer, Air Combat Command (ACC), Directorate of Cyberspace and Information Dominance (A6).

Col. Lotspeich spoke about the ACC’s zero trust architecture efforts during AFCEA Tidewater’s July 2 virtual luncheon.

July 1, 2020
By Allison Annick
After serving in the U.S. Navy during World War II, Grace Hopper remained in the naval reserve. In 1952, her team at Remington Rand created the first compiler for computer languages, which was a precursor for COBOL. In this 1960 report, Hopper stands next to a mainframe computer that ran using COBOL. Courtesy of the Computer History Museum

At 61 years old, the common business-oriented language is the same age as many college kids’ parents. The coding language had its own exhibit in the Smithsonian National Museum of American History in 2013. Many in the industry now call it a “legacy language,” but its continued, widespread use tells a different story.